Angler Phishing
A social-media attack where scammers impersonate customer-support accounts to steal credentials or redirect victims to fake websites.
Also known as: social media phishing, fake customer support scam
Last reviewed: 10 June 2026
Angler phishing exploits the public nature of social-media complaints. When a consumer posts a complaint directed at a brand, scammers monitoring those hashtags or mentions quickly reply from a fake account styled to look like the brand's official support handle. They offer to 'resolve the issue' and direct the victim to a phishing site or ask for account details.
The speed of the fake response — often faster than the real company — lends credibility. Victims believe they are receiving legitimate help and willingly hand over login credentials, authentication codes, or payment information.
Always verify support accounts by navigating to the brand's official website and checking their listed social profiles before sharing any personal or account information.
Examples
- A customer tweets a complaint at their bank; a look-alike account with a similar handle replies offering help and requests their online banking username and password.
- A consumer complains about a delayed parcel on Facebook; a fake delivery-company page asks for their address and a 're-delivery fee'.